Report - megadeportestv2.com/

Report Overview

Submitted URL
megadeportestv2.com/
IP
104.21.52.17
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-07 23:23:54
Access
public
Website Title
Mega Deportes TV - Fútbol en VIVO Gratis HD
Final URL
megadeportestv2.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
coordinatereopen.com	unknown	unknown	No data	No data	488 B	467 B	192.243.59.13
trumpsurgery.com	unknown	unknown	No data	No data	4.1 kB	11 kB	192.243.61.227
waust.at	38137	unknown	2016-01-28	2024-05-06	391 B	4.5 kB	172.67.71.57
desperateambient.com	unknown	unknown	No data	No data	1.3 kB	73 kB	192.243.61.227
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-07	338 B	942 B	143.204.53.97
youradexchange.com	273384	2012-11-09	2013-02-04	2024-05-06	1.0 kB	2.0 kB	172.67.177.214
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-05-06	840 B	658 B	192.243.59.13
unpkg.com	11693	2016-01-06	2016-01-08	2024-05-06	439 B	64 kB	104.17.246.203
gloomilysuffocate.com	unknown	unknown	No data	No data	491 B	467 B	192.243.59.12
acscdn.com	93608	2020-05-05	2020-05-06	2024-05-06	1.2 kB	226 kB	188.114.97.1
pubtrky.com	unknown	2023-11-21	2023-11-21	2024-05-06	482 B	566 B	172.67.188.110
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-05-06	1.5 kB	846 B	192.243.61.227
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-07	1.6 kB	76 kB	216.58.207.227
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-06	439 B	426 B	52.58.212.182
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-07	434 B	34 kB	216.58.211.10
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-07	842 B	57 kB	188.114.97.1
i.imgur.com	5110	2009-01-09	2012-05-21	2024-05-06	872 B	287 kB	151.101.244.193
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-07	489 B	36 kB	151.101.1.229
megadeportestv2.com	unknown	unknown	No data	No data	8.3 kB	256 kB	104.21.52.17
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	470 B	1.8 kB	142.250.74.106
t.dtscout.com	11951	2013-11-01	2017-01-30	2024-05-05	971 B	3.3 kB	141.101.120.11

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	trumpsurgery.com	Sinkholed
2024-05-07	medium	trumpsurgery.com	Sinkholed
2024-05-07	medium	trumpsurgery.com	Sinkholed
2024-05-07	medium	unseenreport.com	Sinkholed
2024-05-07	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	unknown	21 B	2023-04-11	2024-05-08
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-11 11:04:13 Last Seen2024-05-08 01:24:01 Times Seen121 Hash 12fd00fc5ed4440e3586bc39eb44966a 85a4a7db58bad75fb355896b2f16124d5d3230c4 d980a052e815044466f0f393454aded473af84c73a36af6954f7693849d07877 Loading...

	megadeportestv2.com/agenda3.html	132 B	2024-05-08	2024-05-08
Pretty URL megadeportestv2.com/agenda3.html IP 104.21.52.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 01:24:01 Last Seen2024-05-08 01:24:01 Times Seen1 Hash b4d07ca1166dc9f9f64cbb9b6ab71ccc f133c3ab250b3ee0f5811a8df00eec6052451cc2 6d1ec1036c46bcf53a5a8a621a9c17bcdbeb9249bc80444b5fdb25c5723bb7c0 Loading...

	desperateambient.com/37/b9/35/37b93537576e500d0368e88b69fb3024.js	84 kB	2024-05-08	2024-05-08
Pretty URL desperateambient.com/37/b9/35/37b93537576e500d0368e88b69fb3024.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 01:24:01 Last Seen2024-05-08 01:24:02 Times Seen2 Hash 41fe61358ceb4817c0c0b5abacaba0e3 6a2c713fbca25c654a665c0e3cc0c17577e2f210 d3b83e9751903be958b5cbff13dc28714848540a7af95243b05e73283af520d1 Loading...

	megadeportestv2.com/js/rocket-loader.min.js	12 kB	2023-03-07	2024-05-19
Pretty URL megadeportestv2.com/js/rocket-loader.min.js IP 104.21.52.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-19 21:50:16 Times Seen44493 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	waust.at/s.js	8.6 kB	2023-03-08	2024-05-19
Pretty URL waust.at/s.js IP 172.67.71.57 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:44 Last Seen2024-05-19 18:54:03 Times Seen2614 Hash a41caf5294227669425cd5135a26b2a0 a26a13f88c51c37b58fbd8a6b444e9b9150fae16 2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	acscdn.com/script/ut.js?cb=1715124209182	63 kB	2024-04-25	2024-05-19
Pretty URL acscdn.com/script/ut.js?cb=1715124209182 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 17:58:25 Last Seen2024-05-19 21:01:48 Times Seen364 Hash bc481e345c04b4534e0a4e54a0f2c1c6 2be428035dd37b2722891c200f35449c5893df33 04d8cc0aacc3f172f638e608d3f08e8457d849290ae553090cb951d4b3f1b97b Loading...

	desperateambient.com/37/b9/35/37b93537576e500d0368e88b69fb3024.js	84 kB	2024-05-08	2024-05-08
Pretty URL desperateambient.com/37/b9/35/37b93537576e500d0368e88b69fb3024.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 01:24:01 Last Seen2024-05-08 01:24:02 Times Seen2 Hash b8e7099b0bda6630b3638b4ba1be51e0 12470f4bdf773f795cd76a92819eef61af2a6c4f d45f7f4fd26d5cf955bb8788920709f1c5f4a4347d01485bb83b144414f213e8 Loading...

	megadeportestv2.com/js/bootstrap.min.js	60 kB	2023-03-08	2024-05-19
Pretty URL megadeportestv2.com/js/bootstrap.min.js IP 104.21.52.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:35:41 Last Seen2024-05-19 08:12:19 Times Seen1418 Hash c5236e5d6a5d0ff97ff8c8e5102c6c03 6fbfdbddbe85c578de559adcc8d07cccbc16d514 87538c4b7e488f5a49d12f98d6a04afc61d00f26a790f319569799acd434eb65 Loading...

	acscdn.com/script/aclib.js	126 kB	2024-04-29	2024-05-15
Pretty URL acscdn.com/script/aclib.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-29 17:52:36 Last Seen2024-05-15 10:52:57 Times Seen152 Hash 4c2179a619c355d4c2eca1a64f6f3f07 b274e397844067fef7f1ee62031cf1c03d7d0343 23847115b160f47704649f2f6bb3347e31b53c12089d504d98303c18856bc58a Loading...

	megadeportestv2.com/	77 B	2024-05-08	2024-05-08
Pretty URL megadeportestv2.com/ IP 104.21.52.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 01:24:01 Last Seen2024-05-08 01:24:01 Times Seen1 Hash 43da7cdcd837e0b8393cc3fc96bcb4b4 3be51999381db3fbc2df5b8c94c1e509af6e4ce5 de4a1ddb6b8644e2b336a2d8eac9b90c07b0fe4fccfd450ac0fa31bd09d5d622 Loading...

	megadeportestv2.com/	65 B	2024-05-08	2024-05-08
Pretty URL megadeportestv2.com/ IP 104.21.52.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 01:24:01 Last Seen2024-05-08 01:24:01 Times Seen1 Hash 6fefbe3d78e468608656ff57e862c080 3b75c7bd69103d3e5d774daa2200c0edd7648343 3a3ca739601e4da86dfc783981faa01d743bd894ce15629932d99875f386767c Loading...

	acscdn.com/script/suv5.js	74 kB	2024-04-29	2024-05-15
Pretty URL acscdn.com/script/suv5.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-29 17:52:36 Last Seen2024-05-15 11:48:44 Times Seen77 Hash 9d6eb2890d21b253ae6805e887bc3e7d 445a76360b55b73e5be624029c6a152f859532ba 46bca0d03531443972441e135afb00e7fd35bc74d0f466efe2dd782071a2d9e0 Loading...

	t.dtscout.com/pv/?_a=v&_h=megadeportestv2.com&_ss=5izfyv35fl&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=mb92&_cb=_dtspv.c	51 B	2024-05-08	2024-05-08
Pretty URL t.dtscout.com/pv/?_a=v&_h=megadeportestv2.com&_ss=5izfyv35fl&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=mb92&_cb=_dtspv.c IP 141.101.120.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 01:24:01 Last Seen2024-05-08 01:24:01 Times Seen1 Hash aca24c8657068a674f25e2db11a47331 a992edbd605c6f9b0c182714b70fc0c000d1527f d63cb6cd1c5752917a2c152b2ea9dc0fad5a1558c2d59916e35db20cdcc05519 Loading...

	capaciousdrewreligion.com/advertisers.js	0 B	2023-03-07	2024-05-19
Pretty URL capaciousdrewreligion.com/advertisers.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 22:57:04 Times Seen37845916 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js	94 kB	2023-03-07	2024-05-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js IP 216.58.211.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-05-19 21:22:59 Times Seen10822 Hash ddb84c1587287b2df08966081ef063bf 9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd Loading...

	megadeportestv2.com/agenda3.html	459 B	2023-03-11	2024-05-08
Pretty URL megadeportestv2.com/agenda3.html IP 104.21.52.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 15:31:51 Last Seen2024-05-08 01:24:01 Times Seen8 Hash db7679b54d4cc878a212dbcc60436130 1ffd0ba315ccd8143101add46640b02937b83c8e c67a3849eeda388c001caefe9a4a2e06d68795d89a60faaa96a2a2a8015b7a27 Loading...

	desperateambient.com/b21f89cf414ba1796d6f6190928010db/invoke.js	27 kB	2024-05-08	2024-05-08
Pretty URL desperateambient.com/b21f89cf414ba1796d6f6190928010db/invoke.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 01:24:01 Last Seen2024-05-08 01:24:01 Times Seen2 Hash e7e3863fca1b5cb28783b95a04e1fcd2 ef9463fe1ff16bddde84df7ee2756f0f831779d7 8eda9cda97e9137093720185429646e90ee76112c5050e7f6a381d39d040c157 Loading...

	t.dtscout.com/i/?l=https%3A%2F%2Fmegadeportestv2.com%2F&j=	2.1 kB	2023-03-07	2024-05-19
Pretty URL t.dtscout.com/i/?l=https%3A%2F%2Fmegadeportestv2.com%2F&j= IP 141.101.120.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-05-19 22:50:51 Times Seen4621 Hash 51bd741af3fcc4984d1a753eebfa1141 534664acf69cbbb5c9b97c96b63dd37bdc580da2 3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c Loading...

	megadeportestv2.com/smallscripts120.js?inv	5.0 kB	2023-10-30	2024-05-08
Pretty URL megadeportestv2.com/smallscripts120.js?inv IP 104.21.52.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-30 05:05:27 Last Seen2024-05-08 01:24:02 Times Seen4 Hash 18856d1c32c0840a6bc6206f6e192baf 45b8288c8534d569f93969c99124700e6024681d 0b9cecf671d6675a4f7b244511f5ed66d2bd0ffd292d54a9ebcdbfac2a32c102 Loading...

	megadeportestv2.com/agenda3.html	185 B	2023-03-07	2024-05-09
Pretty URL megadeportestv2.com/agenda3.html IP 104.21.52.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24:36 Last Seen2024-05-09 10:18:12 Times Seen36 Hash abc584713f9d21c4094071d977cb3e90 83b1a36b4a8bd30cd84d3655d00c25af4e772857 bc6efc0f40ecfe8f7236e88f59323904b137fd5bc65153ea2e2f82ed9acd0a9b Loading...

		Size	First Seen	Last Seen
	#1 Eval - 15e514201ed921853a8b29395c8a6999	71 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 12:25:36 Last Seen2024-05-08 01:24:01 Times Seen99 Hash 15e514201ed921853a8b29395c8a6999 1427a0b4300e4ed3392f3ce6826bc8240ff2b300 606860a664bd76f642a7ff46cef85acc88dea22a3362f3b7f21afb795d71232c Loading...

HTTP Transactions (50)

URL IP Response Size

i.imgur.com/1Xw6Ptw.png

151.101.244.193

200 OK

13 kB

URL GET HTTP/2
i.imgur.com/1Xw6Ptw.png
IP
151.101.244.193:443
ASN
#54113 FASTLY

Requested by
https://megadeportestv2.com/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
PNG image data, 1500 x 667, 8-bit colormap, non-interlaced
Size
13 kB (13358 bytes)
Hash
e56a80916b18f549f749027727b3608d
8b8a0fa443dccc8afd3ddfec6954dbd35e99d857
32801119a1eef003587c4613b77bfc41c95f39e2c7aa47c9b0986ca0f9b68915

HTTP Headers

GET /1Xw6Ptw.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 17 Jun 2023 14:59:52 GMT
etag: "e56a80916b18f549f749027727b3608d"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD12-P2
x-amz-cf-id: YAgUTZaQzJf6E-3UVgpknLouyDw7pKP7QKXABSu7M3hssiVkO6jedw==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 2731305
date: Tue, 07 May 2024 23:23:28 GMT
x-served-by: cache-iad-kcgs7200104-IAD, cache-hel1410022-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 4481, 0
x-timer: S1715124208.022797,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 13358
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css

151.101.1.229

200 OK

35 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://megadeportestv2.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (65342)
Size
35 kB (34902 bytes)
Hash
cd822b7fd22c8a95a68470c795adea69
1f139981b9b47a766efa0a61bb78ada351f16c4b
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df

HTTP Headers

GET /npm/bootstrap@5.3.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megadeportestv2.com
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.3.2
x-jsd-version-type: version
etag: W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
content-encoding: br
accept-ranges: bytes
date: Tue, 07 May 2024 23:23:28 GMT
age: 6245337
x-served-by: cache-fra-etou8220083-FRA, cache-hel1410032-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34902
X-Firefox-Spdy: h2

megadeportestv2.com/logo-starplus.png

104.21.52.17

200 OK

14 kB

URL GET HTTP/3
megadeportestv2.com/logo-starplus.png
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type
RIFF (little-endian) data, Web/P image
Size
14 kB (14500 bytes)
Hash
4c09ea33ffeb74895e77c3027996a531
d182936b5ff5efacfdec66ca82d3460670f45cca
2a330140e68bb2f901a28d36c542757e3e4ff5d362fb6a3b3c1695ed4402e3be

HTTP Headers

GET /logo-starplus.png HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megadeportestv2.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:28 GMT
content-type: image/png
content-length: 14500
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
etag: "663aaf93-38a4"
expires: Tue, 07 May 2024 23:33:28 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: CC0A:31E846:7B7ABE:7EA919:663AB7EE
via: 1.1 varnish
x-served-by: cache-osl6549-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124208.957516,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: 6081bf7906c30746ca799990c971c4cfc5687cf2
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bRbmJwWuanRn8j5h0ioiDUJcdWSM8HBd%2FkhrXeVPvtqp%2Bs%2BZEloFvYgOLVK9CZfaomcw4klux9cqEvY%2FQyVAA3t9ueJnrN%2BLF7%2BA%2FmTibRZlF5kVQ5NxBTOrDPSjU%2FQWUJYrSNfa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f53ba9f156c4-OSL
alt-svc: h3=":443"; ma=86400

megadeportestv2.com/img/ESPN.webp

104.21.52.17

200 OK

18 kB

URL GET HTTP/3
megadeportestv2.com/img/ESPN.webp
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type
RIFF (little-endian) data, Web/P image
Size
18 kB (18400 bytes)
Hash
b805f7a26697e9be579e0268914c01b4
bf04601c52f07cf7c97941ecc7cd762dcc48cd34
4c1d5ae750cf85428bb659481ab1d0305e88b3ab01cf72cc8c4b454d35edc2dd

HTTP Headers

GET /img/ESPN.webp HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megadeportestv2.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:28 GMT
content-type: image/webp
content-length: 18400
x-origin-cache: HIT
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
etag: "663aaf93-47e0"
expires: Tue, 07 May 2024 23:33:28 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 33F0:313486:1CBB577:1D65729:663AB7EE
via: 1.1 varnish
x-served-by: cache-osl6549-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124208.960493,VS0,VE114
vary: Accept-Encoding
x-fastly-request-id: 922280070ba70c19e54a53486a1540903cd6aaa0
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lNK1WW0IRY3wqd%2By7YywAGTQnRndohtHjGy7o80A4m9EjR58EQOE9gx9hxa4aMtOMX7%2Fegb8%2Bt4QASMtD3Ed6KM%2BMR0AObibbMctW65g%2FWPeW%2BQsFJPWWIK0FzIpD%2B0cGkHAgHKh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f53bb9f556c4-OSL
alt-svc: h3=":443"; ma=86400

megadeportestv2.com/img/TNT_Sports.webp

104.21.52.17

200 OK

4.3 kB

URL GET HTTP/3
megadeportestv2.com/img/TNT_Sports.webp
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.3 kB (4322 bytes)
Hash
a2144b18f9825cf9a1d77bdadd451e20
235dadd6eacb9fe7ba0b9034cef6bada6e279ea7
76263efd93e73d8e1323c3285fa7a8f8f1646a952de9067e45106f6498f11519

HTTP Headers

GET /img/TNT_Sports.webp HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megadeportestv2.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:28 GMT
content-type: image/webp
content-length: 4322
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
etag: "663aaf93-10e2"
expires: Tue, 07 May 2024 23:33:28 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: C3B8:313486:1CBB577:1D6572A:663AB7EE
via: 1.1 varnish
x-served-by: cache-osl6533-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124208.961542,VS0,VE114
vary: Accept-Encoding
x-fastly-request-id: 7de66ec5a11a193415f205e47ec02af33ddd0ff8
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vp%2FF%2F8uTI3pwx4bQAGOHff6kDtJ2DPBmlmhNoIIBpx0qKW0l9sHQWfSR%2BDwE7Nn86ijVt5g7pOUstFAxxBWQaLN4GH%2FFwwRJ3n0MdC94BQUTGL6e%2BNb0Cx5Cbb6F9iuFO2j1AUAh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f53bb9f656c4-OSL
alt-svc: h3=":443"; ma=86400

megadeportestv2.com/img/Fox_Sports.png

104.21.52.17

200 OK

29 kB

URL GET HTTP/3
megadeportestv2.com/img/Fox_Sports.png
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type
PNG image data, 320 x 236, 8-bit/color RGBA, non-interlaced
Size
29 kB (28786 bytes)
Hash
dca1e93cf1c8e223f165e2f95590efa2
83b9e0145b3c713fda6e960b1849d7b4aa0f17d9
eebc874e352d71d0805dde9ed4aedaa36c66f5cadf41081ae244d1b8fc50ade5

HTTP Headers

GET /img/Fox_Sports.png HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megadeportestv2.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:28 GMT
content-type: image/png
content-length: 28786
x-origin-cache: HIT
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
etag: "663aaf93-7072"
expires: Tue, 07 May 2024 23:33:28 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 3090:EFAF3:386BCEE:39FDD93:663AB7EF
via: 1.1 varnish
x-served-by: cache-osl6526-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124208.966065,VS0,VE112
vary: Accept-Encoding
x-fastly-request-id: b6f67f9d3581b6f0683494c28f7bc4eb1ece2642
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YqR3Pdx7Ayc32%2FmoweD8rZLFnb%2B3wQ3JoRlMn7lNNDOs4Qu0Xy%2Fs%2BISAaSXBKL8gPI2EOMUC%2Be6l3%2BMWBU9EUjiz4ck5LOWQMduF0Rhvr%2BBcdW%2B3mWVztCocaOxskhBCYIY1X3cA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f53bb9fa56c4-OSL
alt-svc: h3=":443"; ma=86400

megadeportestv2.com/img/DSports.png?dd

104.21.52.17

200 OK

5.3 kB

URL GET HTTP/3
megadeportestv2.com/img/DSports.png?dd
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type
PNG image data, 100 x 74, 8-bit/color RGBA, non-interlaced
Size
5.3 kB (5273 bytes)
Hash
600f87cac992aca38907194a47e53865
fb2be4324313c94dc111ec0050c634f62fc2173c
330b744f7d02026d7137cf836f133601485fd7a0eeae0154e23e7e7cd170748b

HTTP Headers

GET /img/DSports.png?dd HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megadeportestv2.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:28 GMT
content-type: image/png
content-length: 5273
x-origin-cache: HIT
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
etag: "663aaf93-1499"
expires: Tue, 07 May 2024 23:33:28 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: F91C:23C9E4:1407982:14874BB:663AB7EE
via: 1.1 varnish
x-served-by: cache-osl6548-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124208.969298,VS0,VE113
vary: Accept-Encoding
x-fastly-request-id: 267d317b2cef8622adfc78e4aeb2c44b74663ab2
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TKu0lSdX5rswrRHhFERsEl6vPYyQ5%2FYT23NZ4164SR8E18%2F7hRzrqvq6Enbh2GF6PnjyupP08u2cgK249kG0EPkZZ679ODPJi%2BI8i74gfvWb4oXG0%2FunmvSZaGwGLVgDPLII4qSd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f53bb9ff56c4-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Manrope:wght@400;500;600;700;800&display=swap

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Manrope:wght@400;500;600;700;800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://megadeportestv2.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
1.2 kB (1207 bytes)
Hash
897c6ecae49da89d8ecf1c7f2656ca69
9590f00e74cc3027503bb0c0184d810ebcf74e7e
f4811a52d8432cdad98664209f8386e8f428ae30c62c78bd3a1694c13cc4e3b7

HTTP Headers

GET /css2?family=Manrope:wght@400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 23:23:28 GMT
date: Tue, 07 May 2024 23:23:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

waust.at/s.js

172.67.71.57

200 OK

3.7 kB

URL GET HTTP/2
waust.at/s.js
IP
172.67.71.57:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectwaust.at
Fingerprint53:C9:86:25:AF:DA:1C:80:06:5F:64:B6:42:12:10:8C:33:EA:B2:37
ValiditySat, 04 May 2024 02:21:03 GMT - Fri, 02 Aug 2024 02:21:02 GMT

File type
JavaScript source, ASCII text, with very long lines (8560), with no line terminators
Size
3.7 kB (3717 bytes)
Hash
a41caf5294227669425cd5135a26b2a0
a26a13f88c51c37b58fbd8a6b444e9b9150fae16
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

HTTP Headers

GET /s.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 23:23:28 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 17:19:22 GMT
etag: W/"63c0411a-2170"
expires: Wed, 08 May 2024 22:40:04 GMT
cache-control: max-age=86400
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2604
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IDcNEkLw4WBAWjgMhx9Udk0fr7IAU%2FT8%2B1Qh4mZ%2B21qM7v8Cj2iS93eNlAJF0TPSnGt3ecS8%2Bp%2BKyM5qYWsZ4qHM4Z0jKDgbE1eVXy5AiogWpP%2Bi0KiqzMaI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804f53c2c07b524-OSL
content-encoding: br
X-Firefox-Spdy: h2

desperateambient.com/b21f89cf414ba1796d6f6190928010db/invoke.js

192.243.61.227

200 OK

9.8 kB

URL GET HTTP/1.1
desperateambient.com/b21f89cf414ba1796d6f6190928010db/invoke.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjectdesperateambient.com
Fingerprint45:FC:34:89:CC:67:51:9C:CA:17:E6:70:E1:7F:08:3E:CB:C1:62:81
ValidityWed, 24 Apr 2024 06:34:18 GMT - Tue, 23 Jul 2024 06:34:17 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (26572), with no line terminators
Size
9.8 kB (9793 bytes)
Hash
e7e3863fca1b5cb28783b95a04e1fcd2
ef9463fe1ff16bddde84df7ee2756f0f831779d7
8eda9cda97e9137093720185429646e90ee76112c5050e7f6a381d39d040c157

HTTP Headers

GET /b21f89cf414ba1796d6f6190928010db/invoke.js HTTP/1.1
Host: desperateambient.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 23:23:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2c13f5aadd2d514f7fde6054345429fe
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

desperateambient.com/37/b9/35/37b93537576e500d0368e88b69fb3024.js

192.243.61.227

200 OK

31 kB

URL GET HTTP/1.1
desperateambient.com/37/b9/35/37b93537576e500d0368e88b69fb3024.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjectdesperateambient.com
Fingerprint45:FC:34:89:CC:67:51:9C:CA:17:E6:70:E1:7F:08:3E:CB:C1:62:81
ValidityWed, 24 Apr 2024 06:34:18 GMT - Tue, 23 Jul 2024 06:34:17 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30620 bytes)
Hash
41fe61358ceb4817c0c0b5abacaba0e3
6a2c713fbca25c654a665c0e3cc0c17577e2f210
d3b83e9751903be958b5cbff13dc28714848540a7af95243b05e73283af520d1

HTTP Headers

GET /37/b9/35/37b93537576e500d0368e88b69fb3024.js HTTP/1.1
Host: desperateambient.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 23:23:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0e61d6cf97d4812febd8444117f746bf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3a1e61864f6877260287982fa7e36085
6d426b2327915af4f120ff6b18ebd20ed03c2a2b
9ee2ee3f0b60937becb4aa057c348332dd277e32b268f5c0ea260c0d2a2af498

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 07 May 2024 23:23:29 GMT
Last-Modified: Tue, 07 May 2024 22:20:35 GMT
Server: ECAcc (ska/F776)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JVEv_6ejQe8Kp01ES7Dq1kEpkJlVWrhTEOrjvoIxb35bX1GJpTu6wg==
Age: 3774

fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://megadeportestv2.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24376, version 1.0
Size
24 kB (24376 bytes)
Hash
fc03edc2c67353b7608b593ee05565c6
72106071998b0ef5f145ea4f9d53459e52a33e9f
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7

HTTP Headers

GET /s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megadeportestv2.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:07:55 GMT
expires: Sat, 03 May 2025 02:07:55 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:22:16 GMT
content-type: font/woff2
age: 422134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

52.58.212.182

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.58.212.182:443
ASN
#16509 AMAZON-02

Requested by
https://megadeportestv2.com/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
44a631de080b3d4d4739c2f426ea4c18
e0dcbe87ae212ef17dcbb07405ee3498519b6f5e
f23b0ca0cdec4c9de40b402af49db71ca58f44735e4215132269a99afe971c63

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megadeportestv2.com
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 23:23:29 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://megadeportestv2.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=9f372a9f-4034-40d9-81c8-70a16d80556e:2:1; expires=Fri, 05 May 2034 23:23:29 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://megadeportestv2.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24376, version 1.0
Size
24 kB (24376 bytes)
Hash
fc03edc2c67353b7608b593ee05565c6
72106071998b0ef5f145ea4f9d53459e52a33e9f
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7

HTTP Headers

GET /s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megadeportestv2.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:07:55 GMT
expires: Sat, 03 May 2025 02:07:55 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:22:16 GMT
content-type: font/woff2
age: 422134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://megadeportestv2.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24376, version 1.0
Size
24 kB (24376 bytes)
Hash
fc03edc2c67353b7608b593ee05565c6
72106071998b0ef5f145ea4f9d53459e52a33e9f
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7

HTTP Headers

GET /s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megadeportestv2.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:07:55 GMT
expires: Sat, 03 May 2025 02:07:55 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:22:16 GMT
content-type: font/woff2
age: 422134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.imgur.com/hcY9Nez.png

151.101.244.193

200 OK

272 kB

URL GET HTTP/2
i.imgur.com/hcY9Nez.png
IP
151.101.244.193:443
ASN
#54113 FASTLY

Requested by
https://megadeportestv2.com/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
PNG image data, 2400 x 508, 8-bit/color RGBA, non-interlaced
Size
272 kB (271933 bytes)
Hash
852cb3252e57d83c1ef0006b0041adc0
695fa2dc8738c580bc1e2f51c0e4ed59c71481ef
359085836b555cc189fe171a1fc0efbb84d1431abac58a04a4f1a40936a7e2b9

HTTP Headers

GET /hcY9Nez.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 19 Dec 2023 21:00:47 GMT
etag: "852cb3252e57d83c1ef0006b0041adc0"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: qmKj003Z3-de1TvdYogVV6uYmu_DoaqJy9Gm9z5kq0IDW7T8jmwmhg==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 2741130
date: Tue, 07 May 2024 23:23:29 GMT
x-served-by: cache-iad-kjyo7100040-IAD, cache-hel1410022-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 4660, 0
x-timer: S1715124209.071272,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 271933
X-Firefox-Spdy: h2

megadeportestv2.com/img/espn_premium.png

104.21.52.17

200 OK

22 kB

URL GET HTTP/3
megadeportestv2.com/img/espn_premium.png
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type
PNG image data, 320 x 236, 8-bit/color RGBA, non-interlaced
Size
22 kB (22041 bytes)
Hash
9a4d83151ee52c507271a4d26eccb80a
041f13870b93724a3863e7487f14c9e4c9885828
0abe927d8cf66f22963397d3c840fd8d5b7d58d6cd7cf24a59487781ba840953

HTTP Headers

GET /img/espn_premium.png HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megadeportestv2.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:29 GMT
content-type: image/png
content-length: 22041
x-origin-cache: HIT
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
etag: "663aaf93-5619"
expires: Tue, 07 May 2024 23:33:29 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: F91C:23C9E4:1407A0A:1487549:663AB7F0
via: 1.1 varnish
x-served-by: cache-osl6547-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124209.074884,VS0,VE122
vary: Accept-Encoding
x-fastly-request-id: d63d92e7019d6503bb0f215f6e863f965ebae5fe
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2UX2LTWAGNzDD1Md2IwuSGvvb8pB5f%2FQ7kma%2BaW2Y1qLFyUuEjFyyj%2B3l2W6PoaUgocIkHeOFPkreu%2BAJa9sxL%2BrqbnHQ3yBSH275ZbKsGzVxy856CwPgkmNqSMaVLT1QlSmmWuv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f542acf356c4-OSL
alt-svc: h3=":443"; ma=86400

megadeportestv2.com/js/bootstrap.min.js

104.21.52.17

200 OK

17 kB

URL GET HTTP/3
megadeportestv2.com/js/bootstrap.min.js
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type
JavaScript source, ASCII text, with very long lines (60201)
Size
17 kB (16880 bytes)
Hash
c5236e5d6a5d0ff97ff8c8e5102c6c03
6fbfdbddbe85c578de559adcc8d07cccbc16d514
87538c4b7e488f5a49d12f98d6a04afc61d00f26a790f319569799acd434eb65

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megadeportestv2.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:29 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
etag: W/"663aaf93-ec40"
expires: Tue, 07 May 2024 23:33:29 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 3090:EFAF3:386BD93:39FDE4C:663AB7F0
via: 1.1 varnish
x-served-by: cache-osl6524-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124209.074343,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: d8e493abbbf34a08d3cd7b6c0730b29bfd0e58cd
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bY0rYU9Vq%2FlMGvs9SrgchFVLXJHSYj7hTTJPRovmDPenttr%2FPiwxaR%2FGzGLTIp5LfzOB1D%2Fjw9w8r7MAQlgzzObRMH%2FCK2fxjfo1DyzYpVMFmxn%2Bj6IYfK%2Bascpi114a2cC0R1Nh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f542acf256c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

desperateambient.com/37/b9/35/37b93537576e500d0368e88b69fb3024.js

192.243.61.227

200 OK

31 kB

URL GET HTTP/1.1
desperateambient.com/37/b9/35/37b93537576e500d0368e88b69fb3024.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjectdesperateambient.com
Fingerprint45:FC:34:89:CC:67:51:9C:CA:17:E6:70:E1:7F:08:3E:CB:C1:62:81
ValidityWed, 24 Apr 2024 06:34:18 GMT - Tue, 23 Jul 2024 06:34:17 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30619 bytes)
Hash
b8e7099b0bda6630b3638b4ba1be51e0
12470f4bdf773f795cd76a92819eef61af2a6c4f
d45f7f4fd26d5cf955bb8788920709f1c5f4a4347d01485bb83b144414f213e8

HTTP Headers

GET /37/b9/35/37b93537576e500d0368e88b69fb3024.js HTTP/1.1
Host: desperateambient.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 23:23:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2d479bd110ec28318d04bc996824731f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

216.58.211.10

200 OK

33 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://megadeportestv2.com/agenda3.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (32769)
Size
33 kB (33333 bytes)
Hash
ddb84c1587287b2df08966081ef063bf
9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

HTTP Headers

GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33333
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:47:11 GMT
expires: Fri, 02 May 2025 02:47:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 506178
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gloomilysuffocate.com/pixel/purst?dl=0&th=0&sc=0&rs=1526&rd=1526&fd=983&bv=24.5.6485&tmpl=70

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
gloomilysuffocate.com/pixel/purst?dl=0&th=0&sc=0&rs=1526&rd=1526&fd=983&bv=24.5.6485&tmpl=70
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjectgloomilysuffocate.com
Fingerprint4E:51:75:6E:41:71:BE:56:1C:2E:83:BC:8F:79:51:1F:72:41:E2:54
ValidityMon, 06 May 2024 12:41:11 GMT - Sun, 04 Aug 2024 12:41:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1526&rd=1526&fd=983&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: gloomilysuffocate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 May 2024 23:23:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

youradexchange.com/script/suurl5.php?r=7810210&cbur=0.10680786923473384&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Mega%20Deportes%20TV%20-%20F%C3%BAtbol%20en%20VIVO%20Gratis%20HD&cbpage=https%3A%2F%2Fmegadeportestv2.com%2F&cbref=&cbdescription=Mega%20Deportes%20TV%3A%20Mira%20el%20deporte%20como%20debe%20ser%20sin%20anuncios%20y%20con%20estabilidad.%20Todo%20el%20futbol%20Argentino%20Gratis%20por%20Fox%20Sports%2C%20ESPN%2C%20TYC%20Sports%20y%20Mas..&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1715124209100&srs=71d2148ae0a3f14bb12b22acde77a9d5&atv=48.1

172.67.177.214

200 OK

1.3 kB

URL GET HTTP/2
youradexchange.com/script/suurl5.php?r=7810210&cbur=0.10680786923473384&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Mega%20Deportes%20TV%20-%20F%C3%BAtbol%20en%20VIVO%20Gratis%20HD&cbpage=https%3A%2F%2Fmegadeportestv2.com%2F&cbref=&cbdescription=Mega%20Deportes%20TV%3A%20Mira%20el%20deporte%20como%20debe%20ser%20sin%20anuncios%20y%20con%20estabilidad.%20Todo%20el%20futbol%20Argentino%20Gratis%20por%20Fox%20Sports%2C%20ESPN%2C%20TYC%20Sports%20y%20Mas..&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1715124209100&srs=71d2148ae0a3f14bb12b22acde77a9d5&atv=48.1
IP
172.67.177.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyouradexchange.com
FingerprintD5:0B:42:43:E8:69:FA:76:AA:C8:B3:28:9A:EB:33:C4:6F:62:7A:2B
ValiditySun, 14 Apr 2024 01:48:20 GMT - Sat, 13 Jul 2024 01:48:19 GMT

File type
JSON text data
Size
1.3 kB (1252 bytes)
Hash
d9faaeb3990ca044b537c169537f8635
41f7a57b575101f1e886f4b5799a3cba04204b64
fa9a17ad4f950b19bf29c7483f4a8d3ed109de076549a080815cbff3661ffa38

HTTP Headers

GET /script/suurl5.php?r=7810210&cbur=0.10680786923473384&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Mega%20Deportes%20TV%20-%20F%C3%BAtbol%20en%20VIVO%20Gratis%20HD&cbpage=https%3A%2F%2Fmegadeportestv2.com%2F&cbref=&cbdescription=Mega%20Deportes%20TV%3A%20Mira%20el%20deporte%20como%20debe%20ser%20sin%20anuncios%20y%20con%20estabilidad.%20Todo%20el%20futbol%20Argentino%20Gratis%20por%20Fox%20Sports%2C%20ESPN%2C%20TYC%20Sports%20y%20Mas..&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1715124209100&srs=71d2148ae0a3f14bb12b22acde77a9d5&atv=48.1 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megadeportestv2.com
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 23:23:29 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SvfvnxOwjFrJu%2Bw5VocAzxFSFidVIV5sqyYBKvujCgPEG7e4b81pvQ%2BR%2BIJU0CQuBX7ibtOUwLqtN2FtE8cp%2FwpyLFwC7%2B30N%2FUx4pWiL%2B2RI1FNB7%2Ftj25j96hzBEP8zk1F%2F9A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f5446b4db529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

megadeportestv2.com/flags/libertadores.png?v

104.21.52.17

200 OK

3.7 kB

URL GET HTTP/3
megadeportestv2.com/flags/libertadores.png?v
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/agenda3.html
Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Size
3.7 kB (3683 bytes)
Hash
cf3f12822c8f61c974a6970cd94348ad
cf6f1a59436c5bfd0762e94034708fe422a00b5c
b4efb6bc4c10a947aedf9be607dfe0f46b8d907a6591e0824bf563341b28a2c2

HTTP Headers

GET /flags/libertadores.png?v HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/agenda3.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=9f372a9f-4034-40d9-81c8-70a16d80556e%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:29 GMT
content-type: image/png
content-length: 3683
x-origin-cache: HIT
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
etag: "663aaf93-e63"
expires: Tue, 07 May 2024 23:33:29 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 253E:96BD5:3A6F541:3C1121F:663AB7F0
via: 1.1 varnish
x-served-by: cache-osl6543-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124210.597561,VS0,VE114
vary: Accept-Encoding
x-fastly-request-id: 38830102434f454a807a3067a2fdb03cd9ec9f8d
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80c%2B62HaDJ6Oi1g3fRvjPMxXVPlS7sI9oT9BKDYuPYgLDrCOFkiuCoL8ud%2FS%2FvD1Fe0h7UVC%2FQD%2FsgjHPSpJpJ7mRlgemzbE8wJ0viVCd76mTKpyEf59rqA%2BSbIeoGNFRkZdKxWK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f545eea856c4-OSL
alt-svc: h3=":443"; ma=86400

megadeportestv2.com/flags/sud.png?v

104.21.52.17

200 OK

3.5 kB

URL GET HTTP/3
megadeportestv2.com/flags/sud.png?v
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/agenda3.html
Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Size
3.5 kB (3528 bytes)
Hash
db7038c39eaec61c50fb510c5a05f1bc
c8233545130a2ee2fd87ebc3174f5f70a2219d63
0aca5cae7a7e1a6f5a734172ba6f5bdc1de9cde12c7c9d0c0c888d2647f32cfa

HTTP Headers

GET /flags/sud.png?v HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/agenda3.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=9f372a9f-4034-40d9-81c8-70a16d80556e%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:29 GMT
content-type: image/png
content-length: 3528
x-origin-cache: HIT
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
etag: "663aaf93-dc8"
expires: Tue, 07 May 2024 23:33:29 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: E03E:3AEDCF:4C18771:4E31910:663AB7EE
via: 1.1 varnish
x-served-by: cache-osl6537-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124210.601923,VS0,VE113
vary: Accept-Encoding
x-fastly-request-id: 61d6df472c4e68b0843937e7f4c2d8250ee13005
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8bO3hob4wgquELyFHGeuDl9pphXmyS7yPQ7iv94lnlBZwKs5DeDL31pUDDCJ%2FEKS2AVKSZL0HL6RUTInH384Qi6IRREaixtN2%2FbjG1AeV27%2Fw1jwqQSxLWJVZ5rWS%2Ftez78K54Wy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f545feab56c4-OSL
alt-svc: h3=":443"; ma=86400

megadeportestv2.com/flags/nba.png?v

104.21.52.17

200 OK

2.6 kB

URL GET HTTP/3
megadeportestv2.com/flags/nba.png?v
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/agenda3.html
Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2602 bytes)
Hash
6f44c3c53a3decc855e6f8be3b88a3f3
b19462f57617968266e0a5aa80e0bcf24db40d00
8cad4258b130471f4d2fc32729a8c54999cf32879e2d660e640b8e216d004fef

HTTP Headers

GET /flags/nba.png?v HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/agenda3.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=9f372a9f-4034-40d9-81c8-70a16d80556e%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:29 GMT
content-type: image/png
content-length: 2602
x-origin-cache: HIT
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
etag: "663aaf93-a2a"
expires: Tue, 07 May 2024 23:33:29 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: E04C:31E846:7B7BC6:7EAA24:663AB7EE
via: 1.1 varnish
x-served-by: cache-osl6535-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124210.604787,VS0,VE118
vary: Accept-Encoding
x-fastly-request-id: 6b8416b80fccb1e1a8204b61b5857e49a4c55180
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NUJeu4mWoxQGpSGvJklIlpeRhL%2BaXI8wfC0TCUgd1cIYivGvxzCeT6dTJTqBuEhAR1qMC%2F97d4BhOBAcA1kOW4ypTvtzQe5sfertCeLK%2F0GHHZVBPlm40QuVv%2FCu1Grr5IFJLaaB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f545feac56c4-OSL
alt-svc: h3=":443"; ma=86400

megadeportestv2.com/flags/mlb.png?v2

104.21.52.17

200 OK

6.0 kB

URL GET HTTP/3
megadeportestv2.com/flags/mlb.png?v2
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/agenda3.html
Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Size
6.0 kB (6006 bytes)
Hash
5dd1867169fdcf6fa02d4a38e73c2f87
0c2a077f8051067e09031082729988ef3b8aecaa
9ff56d010dc9ba40098003ed086d01108dd874f3338f38647150fc781459881b

HTTP Headers

GET /flags/mlb.png?v2 HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/agenda3.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=9f372a9f-4034-40d9-81c8-70a16d80556e%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:29 GMT
content-type: image/png
content-length: 6006
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
etag: "663aaf93-1776"
expires: Tue, 07 May 2024 23:33:29 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 3086:10B6E7:317E172:32D10DF:663AB7F1
via: 1.1 varnish
x-served-by: cache-osl6522-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124210.608669,VS0,VE117
vary: Accept-Encoding
x-fastly-request-id: 21f849e65fd4b75a89c0e3caf5174a2307fe0fef
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zA56b03HdeKWJUJSwhxHhzlDFNqDN2%2B2JDL5AOCfFW4U7dCfaaQUmAZqCTWAgVBi9ZCSiGnLctbtyFgfEiIkclH1HweFUXAPaLDZemgIYmyIPtd7wCb2SIj8my8yRd53H81i%2F3Yg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f545feaf56c4-OSL
alt-svc: h3=":443"; ma=86400

acscdn.com/script/ut.js?cb=1715124209182

188.114.97.1

200 OK

22 kB

URL GET HTTP/3
acscdn.com/script/ut.js?cb=1715124209182
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectacscdn.com
Fingerprint55:5D:7F:12:65:2B:04:EA:49:29:92:63:3B:D1:C2:DF:C7:F6:4B:9E
ValiditySat, 27 Apr 2024 13:56:54 GMT - Fri, 26 Jul 2024 13:56:53 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (62938), with no line terminators
Size
22 kB (22406 bytes)
Hash
bc481e345c04b4534e0a4e54a0f2c1c6
2be428035dd37b2722891c200f35449c5893df33
04d8cc0aacc3f172f638e608d3f08e8457d849290ae553090cb951d4b3f1b97b

HTTP Headers

GET /script/ut.js?cb=1715124209182 HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:29 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPq4rLQfUzIb4PXABJF3kaL6QpNC2eEDt1dZIA_AICzJwRtEzQkHmfGBvBjJTgyllcLoFfCchk7ypw
x-goog-generation: 1714053300452258
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62975
x-goog-hash: crc32c=f8d0YQ==, md5=vEgeNFwEtFNOCk5UoPLBxg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Tue, 07 May 2024 23:20:28 GMT
cache-control: public, max-age=3600
age: 2470
last-modified: Thu, 25 Apr 2024 13:55:00 GMT
etag: W/"bc481e345c04b4534e0a4e54a0f2c1c6"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t5Tqfx9iDcy74hylahe%2F1Xl1GvGkYz2ldElRZcd0iHjtZNXmqiofRmAR1Sxz1qFX%2Ftl7WpV19tnoLtVPFE4rUKshIiraRh27Rwpt4B27v%2Fq2W7LV89QE8NcaFrq1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804f5441bc6568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

t.dtscout.com/i/?l=https%3A%2F%2Fmegadeportestv2.com%2F&j=

141.101.120.11

200 OK

1.6 kB

URL GET HTTP/2
t.dtscout.com/i/?l=https%3A%2F%2Fmegadeportestv2.com%2F&j=
IP
141.101.120.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdtscout.com
Fingerprint69:9E:FB:2A:E2:0B:6B:60:8A:15:AF:4F:5A:3D:94:5B:68:70:F4:21
ValiditySun, 17 Mar 2024 14:35:30 GMT - Sat, 15 Jun 2024 14:35:29 GMT

File type
ASCII text, with very long lines (2077)
Size
1.6 kB (1626 bytes)
Hash
51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c

HTTP Headers

GET /i/?l=https%3A%2F%2Fmegadeportestv2.com%2F&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 23:23:29 GMT
content-type: application/javascript
x-s: mtl1
set-cookie: m=1; Domain=dtscout.com; Expires=Wed, 08-May-2024 00:46:49 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Wed, 08-May-2024 03:23:29 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1715124209; Domain=dtscout.com; Expires=Thu, 15-Aug-2024 23:23:29 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.281
expires: Tue, 07 May 2024 23:23:28 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AevNSiMdZkNPNN5LmLkWPyHk99e5CznzTKKzAstM%2FudGMnkKkE6oXPsgnV038R%2FRvqG2GsIBp91VfmBQdbwpPR3Npz7fZq5fCeAXHqEQATfYnNSH98SCMLMTJGPmlCs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f5436b3970fe-HEL
content-encoding: br
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

188.114.97.1

200 OK

28 kB

URL GET HTTP/3
downstairsnegotiatebarren.com/sfp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/agenda3.html
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27461 bytes)
Hash
f4a2f8f9f99541c6f105bbd0a025bd40
1f8e3eff12168fdd9e719adfc098d24a45b6916a
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:29 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 04ab47139fc61baec0d6fc5f6ea928a3
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 07 May 2024 23:23:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CucweAUjWHcXfWIbN%2Bm7cfLWYR8mNptXT1zEMqyI9Za%2FVmc%2BgKA3UgMcSmGdHY18w83TSc5ltnO8ByF3yFd2GzTDtu%2BE44MC5JNn04cWWkuXjb%2BTo8anYCcUxtz3Up2v0tGpCsxsaRGrhtZWgH8ZCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804f5459c8b1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

coordinatereopen.com/pixel/purst?dl=0&th=0&sc=0&rs=451&rd=451&fd=145&bv=24.5.6485&tmpl=70

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
coordinatereopen.com/pixel/purst?dl=0&th=0&sc=0&rs=451&rd=451&fd=145&bv=24.5.6485&tmpl=70
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://megadeportestv2.com/agenda3.html
Certificate
IssuerLet's Encrypt
Subjectcoordinatereopen.com
Fingerprint50:B4:D6:69:01:CA:60:05:4D:2C:55:98:1C:68:5D:64:DE:67:14:BD
ValidityMon, 06 May 2024 12:55:45 GMT - Sun, 04 Aug 2024 12:55:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=451&rd=451&fd=145&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: coordinatereopen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 May 2024 23:23:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

downstairsnegotiatebarren.com/sfp.js

188.114.97.1

200 OK

28 kB

URL GET HTTP/3
downstairsnegotiatebarren.com/sfp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/agenda3.html
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27964 bytes)
Hash
f4a2f8f9f99541c6f105bbd0a025bd40
1f8e3eff12168fdd9e719adfc098d24a45b6916a
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 23:23:29 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 8df62b4aef572a5ad5c561905c74da50
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 07 May 2024 23:23:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LZQht%2FKT9CU%2Fh7XVg1emxu6f0UxFzCojDOQWB1cz%2F7%2FOuPNbtoDsq2SgPWHsBv2%2BIe6itoXMDCZocUooX%2BgCUTfc%2FXGuwz9YIKqZkzfxZkZP1H9%2F40ZSocEmhpoCARbv8Sm%2FJ2HNcZo8ZYTS7kP%2FMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804f5423bf756ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

megadeportestv2.com/icono.ico

104.21.52.17

200 OK

18 kB

URL GET HTTP/3
megadeportestv2.com/icono.ico
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type
MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel
Size
18 kB (18342 bytes)
Hash
355fa6b1b8c302be5dae6109bce635c5
abe1210b6283a03a3174bc80a897b10e3b977b87
578fd0c5644b78c2db24f4d1782e98621ba4ac5527bbce0ed28777b761d32257

HTTP Headers

GET /icono.ico HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megadeportestv2.com/
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=9f372a9f-4034-40d9-81c8-70a16d80556e%3A2%3A1; pp_main_37b93537576e500d0368e88b69fb3024=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:29 GMT
content-type: image/vnd.microsoft.icon
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
etag: W/"663aaf93-1083e"
expires: Tue, 07 May 2024 23:33:28 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 2562:313486:1CBB576:1D65724:663AB7EE
age: 1
via: 1.1 varnish
x-served-by: cache-osl6542-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124208.951887,VS0,VE118
vary: Accept-Encoding
x-fastly-request-id: 542618cb865819da2f15a48fa252740d80e83ebf
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QXD7wfhNIhgnKLue4NP47QJjqSecnLdLQGtwG%2FaAlGaOiR9TfSnulvAP5CJ0kb5hdcaz02XS4Ah2OO5PFCqu%2FzsRyggYfcv%2FNkFJFidmLWXd%2BdtUBcax4n0p7Jidlf0US5d6ggQV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f547eff156c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

trumpsurgery.com/ntv.json?key=b21f89cf414ba1796d6f6190928010db&vstc=2

192.243.61.227

200 OK

8.6 kB

URL GET HTTP/1.1
trumpsurgery.com/ntv.json?key=b21f89cf414ba1796d6f6190928010db&vstc=2
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjecttrumpsurgery.com
Fingerprint97:A5:4B:F2:72:3D:5E:7A:D4:67:C0:7D:13:E3:01:95:20:62:E6:C3
ValidityMon, 06 May 2024 08:36:18 GMT - Sun, 04 Aug 2024 08:36:17 GMT

File type
JSON text data
Size
8.6 kB (8556 bytes)
Hash
6925ecafe38d000303a05c0056a41ddd
46c9eb6808ac26c0515dcc081e91cf5a666bb186
a6c21ccf286ec82fdadd9f184b466df357b8f9d227d4c25e5643a9fd94a71c95

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntv.json?key=b21f89cf414ba1796d6f6190928010db&vstc=2 HTTP/1.1
Host: trumpsurgery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megadeportestv2.com
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 23:23:30 GMT
Content-Type: application/json
Content-Length: 8556
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://megadeportestv2.com
Access-Control-Allow-Origin: https://megadeportestv2.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=21870697; expires=Wed, 08 May 2024 23:23:30 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 08 May 2024 23:23:30 GMT; secure; SameSite=None
uncs=1; expires=Wed, 08 May 2024 23:23:30 GMT; secure; SameSite=None
pdhtkv49=true; expires=Wed, 08 May 2024 23:23:30 GMT; secure; SameSite=None
uncs49=1; expires=Wed, 08 May 2024 23:23:30 GMT; secure; SameSite=None
nlecb21f89cf414ba1796d6f6190928010db=[2229329,2229337]; expires=Tue, 07 May 2024 23:23:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 85a5c47f8b9a2631bdc471da89e12f46
Strict-Transport-Security: max-age=0; includeSubdomains

pubtrky.com/ut/hb.php?cb=0.6005987670349389&v=1

172.67.188.110

204 No Content

0 B

URL POST HTTP/2
pubtrky.com/ut/hb.php?cb=0.6005987670349389&v=1
IP
172.67.188.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectpubtrky.com
Fingerprint1F:C3:3C:5C:C7:6F:56:DF:E4:18:22:98:6F:C2:B3:96:B2:B4:A6:30
ValidityMon, 18 Mar 2024 09:15:33 GMT - Sun, 16 Jun 2024 09:15:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ut/hb.php?cb=0.6005987670349389&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 1063
Origin: https://megadeportestv2.com
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Tue, 07 May 2024 23:23:30 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fhg8CTOhRaOWtEFU8j9I2O5RAaZEZvEDq1b7J9A%2BQWMeNicqyUymm%2FHpMdq%2F%2Fc0PWcdUWGrW2VW%2BTyL%2BiXoZA1YCOXzMeZ5B1tW5drs8c6kwIcAsOkwPy0CddMMquA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f549eccbb521-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

trumpsurgery.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujnOKF3X35mUQBAWZdPXM9szsIotrjASzm%2F2h%2BOMi1V3VkzLVXU1V%2F5jkFFyQPY5701Pnm2SDuojiQS8uMllYJChkLpKD%2BQ%2F0oLB4lB6Dow%2B63%2Fvq%2Bwq%2B9159tJufEg85O1m%2BqrelUmzpQsttvvAOpZeaazLJh81hz3%2Ff71xqmuJi32%2B5LzZfF%2BGmXvJc6rrUpc0VaUSkh0s1CZne79NW3211vBa90MHQ%2FB%2Fb3IFlDnhxSp6B5NPGQ%2Bc8ZDhBEn%2B1LOxmptOXXotzxTJtUPCDt5LNRJcJ4nkZGQdRcnCmhrbHKw%2Bgk%2F2ZXejiX2Egp8R59ABBcnBmEkGxN%2FMZKIgEAX8SZTGBUBNINkGob0PyYwKEHNfWkcT3rmlTsq1%2FWFazU9J4%2FCdkOSWNX88jib%2B8ouSweUurPJM6sRhGFeRwAjmYIM0PkW0vQJaHCLMPIfnPZOnxGpJ4b90qDcmrWe9STiCjCZQYgVkHef1JB3nkIE8dxPykGVJKuy4Pmdvrh2Gbd0Xgc5eybkQZdf0e8rC2N0KWjhCqEUKzg9TsYFOOYPIfYDcqWO7AZlPi3NhBwSuUgqC0BCUjKCVBmRGURbXPlfVsdY8rmwf0LHtnuV2NdTbYZfs6G4iEgJkRDK9201PydD0f5%2Bp3EpvipBl4NOr1w6hDOwGj3b7P%2Fcinfbfv9Vzq8gBWVpB2YdbytpyS9nu%2FI5VTsnj3YwTsEFYdIpTnwHIKVlZgGxW2k29iMWBcpNpkwmaF1wp1DK4rpFkD2Zazq07Js7NFPde4AREeXX60%2BHI6%2FmURoamQmgofyIcEA3VnfFOXZO%2BmLi35ej3NZCy3Wb3EWxnLxBOfvyG2Sm346rIdffZKWBN1ef9NYbM1lnCZDCz54orkXJgVbUJBvl%2B1b4vgem43ruQmydO166%2BurMapEdZKnUzA5PH6XwjllDSePzd7nU%2F99BukmcDkFeL8iJwFpD5EmO7ApnP3VhMYNdcEqYMyr8bGC%2BaHShIoMccsqGD%2Fg4N5PTasvs1ktWvvYGAWwLLbSOIKhalQqApMjWDzxXGWmqPLP35Sx6cI1MI4UGZhL1BG3Z0Nuf69CytPmt1222V%2B%2FwLtdpnoBh2vF%2FmUM%2BZ1fM%2F3WRuZnUYXv%2F3jbwAAAP%2F%2FAQAA%2F%2F9xWH8pdwQAAA%3D%3D

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
trumpsurgery.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujnOKF3X35mUQBAWZdPXM9szsIotrjASzm%2F2h%2BOMi1V3VkzLVXU1V%2F5jkFFyQPY5701Pnm2SDuojiQS8uMllYJChkLpKD%2BQ%2F0oLB4lB6Dow%2B63%2Fvq%2Bwq%2B9159tJufEg85O1m%2BqrelUmzpQsttvvAOpZeaazLJh81hz3%2Ff71xqmuJi32%2B5LzZfF%2BGmXvJc6rrUpc0VaUSkh0s1CZne79NW3211vBa90MHQ%2FB%2Fb3IFlDnhxSp6B5NPGQ%2Bc8ZDhBEn%2B1LOxmptOXXotzxTJtUPCDt5LNRJcJ4nkZGQdRcnCmhrbHKw%2Bgk%2F2ZXejiX2Egp8R59ABBcnBmEkGxN%2FMZKIgEAX8SZTGBUBNINkGob0PyYwKEHNfWkcT3rmlTsq1%2FWFazU9J4%2FCdkOSWNX88jib%2B8ouSweUurPJM6sRhGFeRwAjmYIM0PkW0vQJaHCLMPIfnPZOnxGpJ4b90qDcmrWe9STiCjCZQYgVkHef1JB3nkIE8dxPykGVJKuy4Pmdvrh2Gbd0Xgc5eybkQZdf0e8rC2N0KWjhCqEUKzg9TsYFOOYPIfYDcqWO7AZlPi3NhBwSuUgqC0BCUjKCVBmRGURbXPlfVsdY8rmwf0LHtnuV2NdTbYZfs6G4iEgJkRDK9201PydD0f5%2Bp3EpvipBl4NOr1w6hDOwGj3b7P%2Fcinfbfv9Vzq8gBWVpB2YdbytpyS9nu%2FI5VTsnj3YwTsEFYdIpTnwHIKVlZgGxW2k29iMWBcpNpkwmaF1wp1DK4rpFkD2Zazq07Js7NFPde4AREeXX60%2BHI6%2FmURoamQmgofyIcEA3VnfFOXZO%2BmLi35ej3NZCy3Wb3EWxnLxBOfvyG2Sm346rIdffZKWBN1ef9NYbM1lnCZDCz54orkXJgVbUJBvl%2B1b4vgem43ruQmydO166%2BurMapEdZKnUzA5PH6XwjllDSePzd7nU%2F99BukmcDkFeL8iJwFpD5EmO7ApnP3VhMYNdcEqYMyr8bGC%2BaHShIoMccsqGD%2Fg4N5PTasvs1ktWvvYGAWwLLbSOIKhalQqApMjWDzxXGWmqPLP35Sx6cI1MI4UGZhL1BG3Z0Nuf69CytPmt1222V%2B%2FwLtdpnoBh2vF%2FmUM%2BZ1fM%2F3WRuZnUYXv%2F3jbwAAAP%2F%2FAQAA%2F%2F9xWH8pdwQAAA%3D%3D
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjecttrumpsurgery.com
Fingerprint97:A5:4B:F2:72:3D:5E:7A:D4:67:C0:7D:13:E3:01:95:20:62:E6:C3
ValidityMon, 06 May 2024 08:36:18 GMT - Sun, 04 Aug 2024 08:36:17 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujnOKF3X35mUQBAWZdPXM9szsIotrjASzm%2F2h%2BOMi1V3VkzLVXU1V%2F5jkFFyQPY5701Pnm2SDuojiQS8uMllYJChkLpKD%2BQ%2F0oLB4lB6Dow%2B63%2Fvq%2Bwq%2B9159tJufEg85O1m%2BqrelUmzpQsttvvAOpZeaazLJh81hz3%2Ff71xqmuJi32%2B5LzZfF%2BGmXvJc6rrUpc0VaUSkh0s1CZne79NW3211vBa90MHQ%2FB%2Fb3IFlDnhxSp6B5NPGQ%2Bc8ZDhBEn%2B1LOxmptOXXotzxTJtUPCDt5LNRJcJ4nkZGQdRcnCmhrbHKw%2Bgk%2F2ZXejiX2Egp8R59ABBcnBmEkGxN%2FMZKIgEAX8SZTGBUBNINkGob0PyYwKEHNfWkcT3rmlTsq1%2FWFazU9J4%2FCdkOSWNX88jib%2B8ouSweUurPJM6sRhGFeRwAjmYIM0PkW0vQJaHCLMPIfnPZOnxGpJ4b90qDcmrWe9STiCjCZQYgVkHef1JB3nkIE8dxPykGVJKuy4Pmdvrh2Gbd0Xgc5eybkQZdf0e8rC2N0KWjhCqEUKzg9TsYFOOYPIfYDcqWO7AZlPi3NhBwSuUgqC0BCUjKCVBmRGURbXPlfVsdY8rmwf0LHtnuV2NdTbYZfs6G4iEgJkRDK9201PydD0f5%2Bp3EpvipBl4NOr1w6hDOwGj3b7P%2Fcinfbfv9Vzq8gBWVpB2YdbytpyS9nu%2FI5VTsnj3YwTsEFYdIpTnwHIKVlZgGxW2k29iMWBcpNpkwmaF1wp1DK4rpFkD2Zazq07Js7NFPde4AREeXX60%2BHI6%2FmURoamQmgofyIcEA3VnfFOXZO%2BmLi35ej3NZCy3Wb3EWxnLxBOfvyG2Sm346rIdffZKWBN1ef9NYbM1lnCZDCz54orkXJgVbUJBvl%2B1b4vgem43ruQmydO166%2BurMapEdZKnUzA5PH6XwjllDSePzd7nU%2F99BukmcDkFeL8iJwFpD5EmO7ApnP3VhMYNdcEqYMyr8bGC%2BaHShIoMccsqGD%2Fg4N5PTasvs1ktWvvYGAWwLLbSOIKhalQqApMjWDzxXGWmqPLP35Sx6cI1MI4UGZhL1BG3Z0Nuf69CytPmt1222V%2B%2FwLtdpnoBh2vF%2FmUM%2BZ1fM%2F3WRuZnUYXv%2F3jbwAAAP%2F%2FAQAA%2F%2F9xWH8pdwQAAA%3D%3D HTTP/1.1
Host: trumpsurgery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Cookie: u_pl=21870697; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlecb21f89cf414ba1796d6f6190928010db=[2229329,2229337]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 23:23:30 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: be2a278927beb5843c9683de08e2ecba
Strict-Transport-Security: max-age=0; includeSubdomains

trumpsurgery.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuunt%2Bc8ruouzcvgyAoyKSrZ9Izs4ssxhgJZjf7ofhxkequ6kmZ6q6mqnt6klNwQfY47k1PnWeSDeoiige9uMhkYZGgkLlIDuZPUFBYPErPBkdfKN73recpeN7nrY%2F28jPiIWenK1f1jlSKLS413cYL71B6ubEuk3zYGHb99%2F325YYZXOr5TffFxusi3NKLnktdl7q0sSqNiPRwsQIh0%2Fs92uy5zbbXpEttDM1%2Fe5s7sMwBH5yRZyD5tP7QuQgZTpDEX60Iu5Xp9KXX4lyxTBsM%2BOFbyVaiiwTxvIyMgyg5PGdD25PVB9DJwUwu9OAfYiCnxHn0AEFyeC4SwWB%2FpjNQEAkC%2Fn8UgwmEmkCyCUJ9G5KfECDkuLaBJL53TZuCbT9BWYVOSf3xn5DFlNR%2FvYgk%2FnJZyWHjllZ5JnViMYxKyOEEsj9Bmh8h26lBFkcIsw8h%2Bc9k8fE6knh%2FwyoNycvZ7FJOIKMJlBiBWQd5daSDPHKQpw5iftoIKaUdl4fM7fbCsMU7IvC5S1knooy6fhd5WMkbIUtHCNUIodlFanaxJUcw%2BQ%2BwmyUsd2CzKXFu7GLASxSCoLAEBSMoJEGRERSD8oAr69nyHlc2D%2Bh59s5zqxzrrL%2FHDnTWFwkBMyMYXu6lZ%2BTpyh%2Fn6ncSW%2BK0EXg06vbCqE3bAaOdns%2F9yKc9t%2Bd1XeryAFaWkLY2G3lHTknrvd%2BQyilZuPsxAnYEq44QygtgOQUrSrDNEjvJN7HoMy5SbTJhs4HXDHUMrkukWR3ZtrOnzsizs0U9V38XIjy%2B8mjh5XT8ywJCUyI1JT6QDwn66s74pi7I%2Fk1dWPL1RprJWO6waom3MpaJ%2F33%2BhtgutOFrK3b02SthBVTl%2FTeFzdZZwmXSt%2BSLZcm5MKvahIJ8v2bfFsH13G4u5ybJ0%2FXrr66uxakR1kqdTMDkycZfCOWU1J%2B%2FMPudT%2F30O6SZwOQl4vyYnAekPkKY7sKmc%2FVWExg15wRpDUVejo0XzC%2BVJFBi3rOghP1XH8zrsWHVaybLPXsHfVMDy24jiUsMTImBKsHUCDZfGGepOb7y4ydVfIpA1caBMrX9QBl1tzL5xhOnrTxtdFotl%2Fm9JdrpMNEJ2l438ilnzGv7nu%2BzFjI7jS59%2B8ffAAAA%2F%2F8BAAD%2F%2F3ulXQl3BAAA

172.240.127.234

200 OK

7 B

URL GET HTTP/1.1
trumpsurgery.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuunt%2Bc8ruouzcvgyAoyKSrZ9Izs4ssxhgJZjf7ofhxkequ6kmZ6q6mqnt6klNwQfY47k1PnWeSDeoiige9uMhkYZGgkLlIDuZPUFBYPErPBkdfKN73recpeN7nrY%2F28jPiIWenK1f1jlSKLS413cYL71B6ubEuk3zYGHb99%2F325YYZXOr5TffFxusi3NKLnktdl7q0sSqNiPRwsQIh0%2Fs92uy5zbbXpEttDM1%2Fe5s7sMwBH5yRZyD5tP7QuQgZTpDEX60Iu5Xp9KXX4lyxTBsM%2BOFbyVaiiwTxvIyMgyg5PGdD25PVB9DJwUwu9OAfYiCnxHn0AEFyeC4SwWB%2FpjNQEAkC%2Fn8UgwmEmkCyCUJ9G5KfECDkuLaBJL53TZuCbT9BWYVOSf3xn5DFlNR%2FvYgk%2FnJZyWHjllZ5JnViMYxKyOEEsj9Bmh8h26lBFkcIsw8h%2Bc9k8fE6knh%2FwyoNycvZ7FJOIKMJlBiBWQd5daSDPHKQpw5iftoIKaUdl4fM7fbCsMU7IvC5S1knooy6fhd5WMkbIUtHCNUIodlFanaxJUcw%2BQ%2BwmyUsd2CzKXFu7GLASxSCoLAEBSMoJEGRERSD8oAr69nyHlc2D%2Bh59s5zqxzrrL%2FHDnTWFwkBMyMYXu6lZ%2BTpyh%2Fn6ncSW%2BK0EXg06vbCqE3bAaOdns%2F9yKc9t%2Bd1XeryAFaWkLY2G3lHTknrvd%2BQyilZuPsxAnYEq44QygtgOQUrSrDNEjvJN7HoMy5SbTJhs4HXDHUMrkukWR3ZtrOnzsizs0U9V38XIjy%2B8mjh5XT8ywJCUyI1JT6QDwn66s74pi7I%2Fk1dWPL1RprJWO6waom3MpaJ%2F33%2BhtgutOFrK3b02SthBVTl%2FTeFzdZZwmXSt%2BSLZcm5MKvahIJ8v2bfFsH13G4u5ybJ0%2FXrr66uxakR1kqdTMDkycZfCOWU1J%2B%2FMPudT%2F30O6SZwOQl4vyYnAekPkKY7sKmc%2FVWExg15wRpDUVejo0XzC%2BVJFBi3rOghP1XH8zrsWHVaybLPXsHfVMDy24jiUsMTImBKsHUCDZfGGepOb7y4ydVfIpA1caBMrX9QBl1tzL5xhOnrTxtdFotl%2Fm9JdrpMNEJ2l438ilnzGv7nu%2BzFjI7jS59%2B8ffAAAA%2F%2F8BAAD%2F%2F3ulXQl3BAAA
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjecttrumpsurgery.com
Fingerprint97:A5:4B:F2:72:3D:5E:7A:D4:67:C0:7D:13:E3:01:95:20:62:E6:C3
ValidityMon, 06 May 2024 08:36:18 GMT - Sun, 04 Aug 2024 08:36:17 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuunt%2Bc8ruouzcvgyAoyKSrZ9Izs4ssxhgJZjf7ofhxkequ6kmZ6q6mqnt6klNwQfY47k1PnWeSDeoiige9uMhkYZGgkLlIDuZPUFBYPErPBkdfKN73recpeN7nrY%2F28jPiIWenK1f1jlSKLS413cYL71B6ubEuk3zYGHb99%2F325YYZXOr5TffFxusi3NKLnktdl7q0sSqNiPRwsQIh0%2Fs92uy5zbbXpEttDM1%2Fe5s7sMwBH5yRZyD5tP7QuQgZTpDEX60Iu5Xp9KXX4lyxTBsM%2BOFbyVaiiwTxvIyMgyg5PGdD25PVB9DJwUwu9OAfYiCnxHn0AEFyeC4SwWB%2FpjNQEAkC%2Fn8UgwmEmkCyCUJ9G5KfECDkuLaBJL53TZuCbT9BWYVOSf3xn5DFlNR%2FvYgk%2FnJZyWHjllZ5JnViMYxKyOEEsj9Bmh8h26lBFkcIsw8h%2Bc9k8fE6knh%2FwyoNycvZ7FJOIKMJlBiBWQd5daSDPHKQpw5iftoIKaUdl4fM7fbCsMU7IvC5S1knooy6fhd5WMkbIUtHCNUIodlFanaxJUcw%2BQ%2BwmyUsd2CzKXFu7GLASxSCoLAEBSMoJEGRERSD8oAr69nyHlc2D%2Bh59s5zqxzrrL%2FHDnTWFwkBMyMYXu6lZ%2BTpyh%2Fn6ncSW%2BK0EXg06vbCqE3bAaOdns%2F9yKc9t%2Bd1XeryAFaWkLY2G3lHTknrvd%2BQyilZuPsxAnYEq44QygtgOQUrSrDNEjvJN7HoMy5SbTJhs4HXDHUMrkukWR3ZtrOnzsizs0U9V38XIjy%2B8mjh5XT8ywJCUyI1JT6QDwn66s74pi7I%2Fk1dWPL1RprJWO6waom3MpaJ%2F33%2BhtgutOFrK3b02SthBVTl%2FTeFzdZZwmXSt%2BSLZcm5MKvahIJ8v2bfFsH13G4u5ybJ0%2FXrr66uxakR1kqdTMDkycZfCOWU1J%2B%2FMPudT%2F30O6SZwOQl4vyYnAekPkKY7sKmc%2FVWExg15wRpDUVejo0XzC%2BVJFBi3rOghP1XH8zrsWHVaybLPXsHfVMDy24jiUsMTImBKsHUCDZfGGepOb7y4ydVfIpA1caBMrX9QBl1tzL5xhOnrTxtdFotl%2Fm9JdrpMNEJ2l438ilnzGv7nu%2BzFjI7jS59%2B8ffAAAA%2F%2F8BAAD%2F%2F3ulXQl3BAAA HTTP/1.1
Host: trumpsurgery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Cookie: u_pl=21870697; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlecb21f89cf414ba1796d6f6190928010db=[2229329,2229337]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 23:23:30 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a5b8097f39f5ea0e74d1e1efa595cdc2
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=9f372a9f-4034-40d9-81c8-70a16d80556e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=37b93537576e500d0368e88b69fb3024&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=9f372a9f-4034-40d9-81c8-70a16d80556e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=37b93537576e500d0368e88b69fb3024&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=9f372a9f-4034-40d9-81c8-70a16d80556e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=37b93537576e500d0368e88b69fb3024&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 23:23:30 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 956009ff6b3c590486457e3b4a945154
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=9f372a9f-4034-40d9-81c8-70a16d80556e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2327&b_frame=1&pk=37b93537576e500d0368e88b69fb3024&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=9f372a9f-4034-40d9-81c8-70a16d80556e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2327&b_frame=1&pk=37b93537576e500d0368e88b69fb3024&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://megadeportestv2.com/agenda3.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=9f372a9f-4034-40d9-81c8-70a16d80556e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2327&b_frame=1&pk=37b93537576e500d0368e88b69fb3024&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 23:23:30 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 527fa6ed7b46b0471f7a30868921ab2b
Strict-Transport-Security: max-age=0; includeSubdomains

megadeportestv2.com/smallscripts120.js?inv

104.21.52.17

200 OK

11 kB

URL GET HTTP/3
megadeportestv2.com/smallscripts120.js?inv
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/agenda3.html
Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type
ASCII text, with very long lines (392)
Size
11 kB (11124 bytes)
Hash
18856d1c32c0840a6bc6206f6e192baf
45b8288c8534d569f93969c99124700e6024681d
0b9cecf671d6675a4f7b244511f5ed66d2bd0ffd292d54a9ebcdbfac2a32c102

HTTP Headers

GET /smallscripts120.js?inv HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/agenda3.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=9f372a9f-4034-40d9-81c8-70a16d80556e%3A2%3A1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:29 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
etag: W/"663aaf93-139c"
expires: Tue, 07 May 2024 23:33:29 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 9234:23C9E4:1407A29:1487564:663AB7EF
via: 1.1 varnish
x-served-by: cache-osl6542-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124209.314300,VS0,VE113
vary: Accept-Encoding
x-fastly-request-id: 956c2a9bd5a6e4e02269402c3a0978d8bef09944
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FT8v9Hx%2BNDmsNg1m%2FVAeiTXDe41RBowNank1UhCbQQk4kmrTAFNUyHAybQ867kIaNkxPLVvJZRKQdFxgim6B0Ug4atZncPyuP%2BJ7L6MN0sS%2FJhxY6mZ294I3Y5%2F89cDV20PZMah3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f5442da356c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

megadeportestv2.com/

104.21.52.17

200 OK

6.6 kB

URL User Request GET HTTP/2
megadeportestv2.com/
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
6.6 kB (6573 bytes)
Hash
04cdd8ca85a54779e95cd220ebb9f5fd
3b3a002f7a7c889ab7728f979350628b05e00a21
ae641ae797176ee6dfb3fc96f2cd31d708be004a8d7708856afbdb45db17f360

HTTP Headers

GET / HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 23:23:27 GMT
content-type: text/html; charset=utf-8
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
expires: Tue, 07 May 2024 23:33:27 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 2E98:358315:538A1BF:55D0F17:663AB7EF
age: 0
via: 1.1 varnish
x-served-by: cache-osl6549-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124207.449523,VS0,VE110
vary: Accept-Encoding
x-fastly-request-id: 552958cbfca0a62c82ee98be2acd93fdacd4ae17
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R2cw7ztUwQUYOtjEmhcYq65KFVRwZ0QKW4G%2FVW4htbN5X0x2y7v3dWtMazU%2FgUjuOyFvPJPm4k%2BwvDZokExJVQ5r5wfolVm4vDBZQP7N8rR17KNFFeivw7fGDeyYMFIdxBoBkBeo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f5388948b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

acscdn.com/script/suv5.js

188.114.97.1

200 OK

74 kB

URL GET HTTP/3
acscdn.com/script/suv5.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectacscdn.com
Fingerprint55:5D:7F:12:65:2B:04:EA:49:29:92:63:3B:D1:C2:DF:C7:F6:4B:9E
ValiditySat, 27 Apr 2024 13:56:54 GMT - Fri, 26 Jul 2024 13:56:53 GMT

File type

Size
74 kB (74331 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/suv5.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:28 GMT
content-type: text/javascript
x-goog-generation: 1714390003317461
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 74331
x-goog-hash: crc32c=uRKYDw==, md5=nW6yiQ0hslOuaAXoh7w+fQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: ABPtcPoyHy5IgIuP3Mx7d8xlbGr4Ztbdj_zWMql0Ug3V060iSEYvlT2mT6rwqBt-gh0jlGuekBpqa_BYKw
expires: Tue, 07 May 2024 23:46:11 GMT
cache-control: public, max-age=3600
age: 2237
last-modified: Mon, 29 Apr 2024 11:26:43 GMT
etag: W/"9d6eb2890d21b253ae6805e887bc3e7d"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gtexELTdMqPGYOrZWm6BMIU4IIpgV7D%2BVWsFy4XUVFutjG275q3OqwYCwjeQqJlM%2BBZNLUDBMawPdWdXDaLgFWbJ7nduqysWq5pIQLqkmsa9DVmnO2JEvHnfh%2FBa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804f5420acd568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

megadeportestv2.com/js/rocket-loader.min.js

104.21.52.17

200 OK

12 kB

URL GET HTTP/3
megadeportestv2.com/js/rocket-loader.min.js
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /js/rocket-loader.min.js HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megadeportestv2.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:28 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
etag: W/"663aaf93-302c"
expires: Tue, 07 May 2024 23:33:28 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 104C:1DB036:130AE92:1386511:663AB7EF
via: 1.1 varnish
x-served-by: cache-osl6520-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124208.970241,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: beea023ace58310afb3b1ebdc75bcacddbc9f168
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTlQZ492WEQxNQI1wL6Qcju%2B%2BVeYZjKVqhHcqRzbRT8Giek%2BzEVjYPMYwroPfN8fDHl4%2BPWkPQg2QfdwUSCoGKc0bDWktyyYquJGvvy4YEA4pgTCc6Iag0DcO0PLTdMQZKLyj87a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f53bca0256c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

capaciousdrewreligion.com/advertisers.js

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://megadeportestv2.com/agenda3.html
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
FingerprintBB:9C:12:88:24:43:D4:47:71:3F:F0:A4:BB:E1:85:65:CE:E7:92:E4
ValidityMon, 06 May 2024 02:35:23 GMT - Sun, 04 Aug 2024 02:35:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 May 2024 23:23:29 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cc9b585eb0af3fa2493e7459cb14d93e
Strict-Transport-Security: max-age=0; includeSubdomains

capaciousdrewreligion.com/advertisers.js

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
FingerprintBB:9C:12:88:24:43:D4:47:71:3F:F0:A4:BB:E1:85:65:CE:E7:92:E4
ValidityMon, 06 May 2024 02:35:23 GMT - Sun, 04 Aug 2024 02:35:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 May 2024 23:23:29 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b59ca0cc950bbf91f3e4a72910dc6c81
Strict-Transport-Security: max-age=0; includeSubdomains

megadeportestv2.com/agenda3.html

104.21.52.17

200 OK

17 kB

URL GET HTTP/3
megadeportestv2.com/agenda3.html
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type

Size
17 kB (17352 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /agenda3.html HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megadeportestv2.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:29 GMT
content-type: text/html; charset=utf-8
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
expires: Tue, 07 May 2024 23:33:29 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 33F0:313486:1CBB60D:1D657C6:663AB7F0
age: 0
via: 1.1 varnish
x-served-by: cache-osl6549-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124209.987925,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: eaf838951ecca627bf10c7a33a6cb1ea1b147aba
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTNzN4hWww4Oh0THuctWEx%2BtWrvEzaV29671uWGzGnNXolZtgUvKLeV7M1qTkNSiYSOHca3UKP3tRkE%2FyQozRO96r41zaiAGIs49ZMdbliwL9a%2BMdWFXS9Gfr2AOggy2kQkD0Ueo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f5422cbf56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

unpkg.com/boxicons@2.0.7/css/boxicons.min.css

104.17.246.203

200 OK

63 kB

URL GET HTTP/2
unpkg.com/boxicons@2.0.7/css/boxicons.min.css
IP
104.17.246.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type
ASCII text, with very long lines (63235), with no line terminators
Size
63 kB (63235 bytes)
Hash
0ad3506ed6b1e7942657f8d6e650bdd7
904a53a9b89bdfb44140fd8f229a6961afd59df5
1fc734c80933766675fda9c9a1f867289de58d1e6ddc85621e1a37eb506a22ba

HTTP Headers

GET /boxicons@2.0.7/css/boxicons.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 23:23:27 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "f703-kEpTqbib37RBQP2PIpppYa/VnfU"
via: 1.1 fly.io
fly-request-id: 01HWQWYCCVTCRRZEEK9SNQAP6H-arn
cf-cache-status: HIT
age: 630148
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8804f53bbe60712d-OSL
X-Firefox-Spdy: h2

acscdn.com/script/aclib.js

188.114.97.1

200 OK

126 kB

URL GET HTTP/2
acscdn.com/script/aclib.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectacscdn.com
Fingerprint55:5D:7F:12:65:2B:04:EA:49:29:92:63:3B:D1:C2:DF:C7:F6:4B:9E
ValiditySat, 27 Apr 2024 13:56:54 GMT - Fri, 26 Jul 2024 13:56:53 GMT

File type

Size
126 kB (125606 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/aclib.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 23:23:27 GMT
content-type: text/javascript
x-goog-generation: 1714389616107910
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 125606
x-goog-hash: crc32c=xTw75w==, md5=TCF5phnDVdTC7KGmT28/Bw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: ABPtcPq3WDRiywUXy1I9epsgjBrZr10_kxsxD8tygBTr-xkVVMzaGeOnPwLfQ_UPT0AwhViwE90
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Tue, 07 May 2024 23:31:52 GMT
cache-control: public, max-age=3600
age: 3095
last-modified: Mon, 29 Apr 2024 11:20:16 GMT
etag: W/"4c2179a619c355d4c2eca1a64f6f3f07"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r9p33okm45ouU8iCA4%2F9RQd7BjYky%2B7l1ZmPOu44GAyBb8PQtKRS%2Bp04eptWqKIKucEhfFVKe8o4aZBNH6SeKfcdXqZ6YFcw5IEGxX4IbtwgSB8VvRJ36T3t1xzn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804f53bfc550b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

t.dtscout.com/pv/?_a=v&_h=megadeportestv2.com&_ss=5izfyv35fl&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=mb92&_cb=_dtspv.c

141.101.120.11

200 OK

51 B

URL GET HTTP/2
t.dtscout.com/pv/?_a=v&_h=megadeportestv2.com&_ss=5izfyv35fl&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=mb92&_cb=_dtspv.c
IP
141.101.120.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdtscout.com
Fingerprint69:9E:FB:2A:E2:0B:6B:60:8A:15:AF:4F:5A:3D:94:5B:68:70:F4:21
ValiditySun, 17 Mar 2024 14:35:30 GMT - Sat, 15 Jun 2024 14:35:29 GMT

File type
ASCII text, with no line terminators
Size
51 B (51 bytes)
Hash
fee922ad610c9829f7198f0f925db3c9
57adf1939b0fce63064c4c4dde1dc3b51c74d9c5
f9d17be7dd8ab4e926425175a09666ab0c81ba6c1fcc7e75d74a42ddfdab2147

HTTP Headers

GET /pv/?_a=v&_h=megadeportestv2.com&_ss=5izfyv35fl&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=mb92&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megadeportestv2.com/
Cookie: m=1; oa=1; df=1715124209
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 23:23:29 GMT
content-type: application/javascript
x-t: 0.18
x-c: 0
expires: Tue, 07 May 2024 23:23:28 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AetjWVF%2FEni%2BwSwCeKq8Bi%2B2flyisrNp6GL9lEOoN57UYRj2CAHjj0VhssCtGwnp7BkhsZ1q0LoREkHV4pwv9Be%2BPHZIvdkkiWGuO5ZolscP5j7wark4Gx0jAonBDus%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f5458c5b70fe-HEL
content-encoding: br
X-Firefox-Spdy: h2

megadeportestv2.com/css/a0434a2c9f7c3506.css?22

104.21.52.17

200 OK

47 kB

URL GET HTTP/3
megadeportestv2.com/css/a0434a2c9f7c3506.css?22
IP
104.21.52.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megadeportestv2.com/
Certificate
IssuerLet's Encrypt
Subjectmegadeportestv2.com
FingerprintCC:AA:9C:13:98:49:73:83:B9:88:6A:B5:08:CE:CA:97:4C:1F:85:FF
ValidityThu, 02 May 2024 00:55:04 GMT - Wed, 31 Jul 2024 00:55:03 GMT

File type
ASCII text, with very long lines (46802), with no line terminators
Size
47 kB (46802 bytes)
Hash
60bffbb7cec58381bc4068a8543d4356
639e5958f484a057cb604cf5bd9accfffb7a0124
6fc59f6023df64be0a7811ef20962cf5393789397ce895cba7119b382dc61d21

HTTP Headers

GET /css/a0434a2c9f7c3506.css?22 HTTP/1.1
Host: megadeportestv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megadeportestv2.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 23:23:28 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 07 May 2024 22:47:47 GMT
access-control-allow-origin: *
etag: W/"663aaf93-b6d2"
expires: Tue, 07 May 2024 23:33:28 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 6D94:2AC4F6:2CC8DC:2E2574:663AB7EE
via: 1.1 varnish
x-served-by: cache-osl6551-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715124208.951261,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: 2ca6ca5f6fc8592c8a783e0458b80b4e1ceff044
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B7LDPB2ymb8zBI4jMsub15iBkauta82znJcxnj8ei4CpF6tDCK1BwD%2F%2B%2BQ1CwHLt2NvKxwefkbBmMRYL2RYPDgFKPyASrzML5Nwv4P5WKjrrSjIKTF1LqnR%2BB2jbcF33jrgbF%2B0T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804f53ba9ed56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL